From de08d1105b2cff2c735a06764a9127a23c737a9a Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Mon, 15 Apr 2024 08:53:53 +0900
Subject: [PATCH] Suppress clang-analyzer warnings

This suppresses a couple of dead assignments and unlikely null pointer
dereferences.

Signed-off-by: Daiki Ueno <dueno@redhat.com>
---
 src/interface.c | 1 -
 src/objects.c   | 1 -
 src/signature.c | 8 +++++++-
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/interface.c b/src/interface.c
index d36e79da..8968e668 100644
--- a/src/interface.c
+++ b/src/interface.c
@@ -165,7 +165,6 @@ static CK_RV p11prov_interface_init(P11PROV_MODULE *mctx)
         return CKR_HOST_MEMORY;
     }
 
-    ret = CKR_FUNCTION_NOT_SUPPORTED;
     intf->GetInterface = dlsym(mctx->dlhandle, "C_GetInterface");
     if (!intf->GetInterface) {
         char *err = dlerror();
diff --git a/src/objects.c b/src/objects.c
index 7b76566c..5b5b09ea 100644
--- a/src/objects.c
+++ b/src/objects.c
@@ -1870,7 +1870,6 @@ static int p11prov_obj_export_public_ec_key(P11PROV_OBJ *obj,
     switch (key_type) {
     case CKK_EC:
         attrs[0].type = CKA_P11PROV_CURVE_NID;
-        nattr = 1;
         rv = get_public_attrs(obj, attrs, 1);
         if (rv != CKR_OK) {
             P11PROV_raise(obj->ctx, rv, "Failed to get EC key curve nid");
diff --git a/src/signature.c b/src/signature.c
index f726a199..a9ca373c 100644
--- a/src/signature.c
+++ b/src/signature.c
@@ -877,6 +877,9 @@ static CK_RV p11prov_sig_operate(P11PROV_SIG_CTX *sigctx, unsigned char *sig,
         if (sigctx->operation == CKF_VERIFY) {
             return CKR_ARGUMENTS_BAD;
         }
+        if (siglen == NULL) {
+            return CKR_ARGUMENTS_BAD;
+        }
         return p11prov_sig_get_sig_size(sigctx, siglen);
     }
 
@@ -1042,6 +1045,9 @@ static int p11prov_sig_digest_final(P11PROV_SIG_CTX *sigctx, unsigned char *sig,
         if (sigctx->operation == CKF_VERIFY) {
             goto done;
         }
+        if (siglen == NULL) {
+            goto done;
+        }
         ret = p11prov_sig_get_sig_size(sigctx, siglen);
         if (ret == CKR_OK) {
             result = RET_OSSL_OK;
@@ -1868,7 +1874,7 @@ static int p11prov_ecdsa_digest_sign_final(void *ctx, unsigned char *sig,
 {
     P11PROV_SIG_CTX *sigctx = (P11PROV_SIG_CTX *)ctx;
     unsigned char raw[P11PROV_MAX_RAW_ECC_SIG_SIZE];
-    size_t rawlen;
+    size_t rawlen = 0;
     int ret;
 
     /* the siglen might be uninitialized when called from openssl */